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IN THE CLAIMS 

1. (ciirrently suuendcd) A meihod involving a presenter, a trusted party, and an 
acceptor for validating submitted profile data of said presenter during an on-line transaction, said 
method comprisine: 

receiving, by said trusted party during an enrollment process, profile data and enrollmenl 
data from said presenter, said trusted party being an issuer of an account to said presenter; 

verifying, by said trusted party during said enrollment process using said enrollmenl data, 
the identity of said presenter and associating authentication data with said presenter; 

communicating said authentication data between said trusted party and said presenter 
during said enrollment process, said authenticadon data being known o nly to said trusted party 
and to said presenter; 

receiving said submitted profile data at said trusted party from said acceptor; 

comparing said submitted profile data against said profile data stored by said trusted 

parly; 

receiving, at said trusted party, submitted authentication data from said presenter during 

said on-line U'ansaction; 

authenticating, by said trusted party, said presenter by comparing said submitted 
authentication data received from said presenter with said authentication data; 

validating, by said trusted party, said submitted profile data using results of said 
comparing and results of said authenticating; 

notifying said acceptor by said trusted party that said submitted profile data of said 
presenter is either authentic or erroneous, whereby said trusted party validates said submitted 
profile daia of said presenter for the benefit of said acceptor. 

2. (original) A method as recited in claim I further comprising; 

notifying said acceptor by said trusted party of the authenticity of said presenter, whereby 
said trusted party authenticates said presenter for the benefit of said acceptor. 

3. (original) A method as recited in claim 2 wherein said notil>'ing operation further 
comprises: 

notifying said acceptor tliat said presenter is authentic when said submitted authentication 
data received from said presenter matches said previously associated authentication data; and 
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notifying said acceptor that said submitted profile data is authentic when said submitted 
profile data matches said profile data. 

4. (original) A metliod as recited in claim 1 wherein ihe presenter communicates with 
said trusted party and with said acceptor over the Internet. 

5. (original) A mcihod as recited in claim 4 wherein said trusted party and said 
acceptor also communicate over the Internet. 

6. (original) A method as recited in claim 3 wherein the notifying operation regarding 
the authenticity of said presenter provides a deiinitivc answer as to whether the authenticity and 
the submitted profile data of said presenter are authentic or not. 

I, (original) A method as recited in claim I further comprising: 

receiving and storing said authentication data from said prcsemer ai said trusted party 
during said enroUmem process, wherein said authentication data becomes associated with said 
prcsemer. 

8- (Canceled) 

9. (original) A method as recited in claim 1 further comprising: 

providing, by Sciid trusted pany, to said presenter a program identity number which is 
con-elated with said profile data and said authentication data; and 
storing said program identity number by said trusted pany, 

1 0. (original) A niediod as recited in claim 9 wherein said program identity number is an 
account number for a financial account of said presenter and wherein said trusted party is a 
financial Institution d^ai maintains said financial accoiuii. 

I I . (original) A method as recited in claim 2, wherein prior to said trusted party 
receiving said authentication daia, tlie method further comprising: 

initiating communications between said presenter and said acceptor; 
receiving said profile datai and a program identity number at said acceptor from said 
presenter. 
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12. (original) A method as recited in claim 1 1 further comprising: 

querying said trusted part>' by said acceptor whether said presenter can be authenticated 
and whether said submitted profile data of said presenter can be validated by said trusted party. 

13. (original) A meiliod as recited in claim 1 2 funher comprising: 

querying said trusted party by said acceptor whether account data updating can be 
provided* 

14. (original) A method as recited in claim 12 wherein the querying operation is 
executed by transmitting a service em-oUmcnt request message from said acceptor to said trusted 
party via a directory server. 

15. (original) A method as recited in claim 14 wherein said service enrollment request 
message includes said program identity number originally provided to said acceptor from said 
presenter. 

16. (original) A method as recited in claim 12 further comprising: 

iuforming said acceptor by said Trusted pany whether said presenter can be authenticated 
and whether said profile data of said presenter can be validated by said trusted party. 

17. (original) A method as recited in claim 16 wherein the quer>'ing operation is 
executed by transmitting a service enrollment response message from said tmsied party to said 
acceptor via a directory server. 

18. (original) A method as recited in claim 2 funher comprising: 

transmitting a data authentication request message from said acceptor to said trusted party 
in order to request that said trusted patty authenticate said presenter and validate said submitted 
profile data of smd presenter. 

19. (Canceled) 

20. (original) A method as recited in claim 1 8 wherein said data authentication request 
message includes submiued profile data originally provided to said acceptor from said presenter. 
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21. (original) A method as recited in claim 18 wherein both of said notifying operations 
are executed by transmitting a data authentication response message from said trusted party to 
said acceptor. 



22. (Canceled) 



23. (original) A method as recited in claim 1 fiirlher comprising: 

providing, by said trusted party, of updated profile data when said submitted profile data 
is deiennijied to be oui of date. 



24. (original) A method as recited in claim 23 wherein (he updated profile data contains 
account daia. 
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25. (currenrly £uiiended) An on-line dma amhemication sysxem comprisine: 

a presenter who submits enrollment data and profile data to a trusted party during an 
enrollment process, and with whom isS associated authcnticaiion data during said enrollment 
process, wherein said authentication data is communicated between said presenter and said 
trusted party during said enroHmcnt process, said authentication data being knowTi only to said 
tRtsted oartv and to said presenter, said trusted party being an issuer of an account to said 
presenter; 

said trusted party who receives said enrollment data and said profile data during said 
enrollment process, who verifies the identity of said presenter during said enrollment process 
using said enrollment data, who receives said authentication data from said presenter during an 
on-line transaction, and who authenticates said authentication data and validates said profile data 
of said presenter during said on-line transaction; 

an acceptor who conducts said on-line transaction with said prcsemer and who requests 
of said trusted party to authenticate said presenter and to validate said profile data of said 
presenter; and 

a directory server configured to detennine the existence of said trusted party who is able 
to authenticate said presenter and to validate said profile data of said presenter. 

26. (original) A system as recited in claim 25 wherein each of said acceptor and said 
tmstcd party are configured to communicate with said presenter via the Internet, 

27. (original) A system as recited in claim 25 wherein the trusted party is configiu-ed to 
provide a definitive answer as to whether said presenter and said profile data are authentic or not 
authentic. 

28. (original) A system as recited in claim 25 further comprising: 

pre-designaied authentication data previously submined by said presenter, which is stored 
by said trusted party, wherein said trusted party authenticates said authentication data by 
comparing said auihentication data against said pre-dcsignated authentication data. 

29,. (original) A system as recited in claim 28 further comprising: 

a program identity number that is assigned to said presenter wherein said program 
identity number is correlated to said pre-dcsignated authentication data and said profile data. 
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30. (original) A sysiem as recited in claim 29 wherein said program identity number is 
an account number for a financial account of said presenter wherein said trusted party is a 
financial institution thai maintains said financial account. 

31. (original) A system as recited in claim 25 further comprising: 

a service enrollment request message that is transmitted from said acceptor to said trusted 
paity via said directoiy server, said service enrollment request message containing a query to 
said directory server and tnisted party as to whether said trusted party will be able to authenticate 
said presenter and validate said profile data of said presenter. 

32. (original) A system as recited in claim 31 further comprising: 

a service enrollment response message that is transmitted from said trusltid party to said 
acceptor via said directory server, said service enrollment response message containing 
confirmaiion as to whether said trusted party will be able lo authenticate said presenter and 
validate said profile data of said presenter. 

33. (original) A system as recited in claim 25 further comprising: 

a data authentication request message that is transmitted from said acceptor to said 
trusted party in order to request that said trusted party authenticate said presenter and validate 
said profile data of said presenter. 

34. (original) A sysiem as recited in claim 33 wherein said data authentication request 
message includes said profile data of said presenter. 

35. (original) A system as recited in claim 33 furtlier comprising: 

a data authentication response message that is transmitted trom said trusted pany to said 
acceptor, said data authentication response message including notification as to the authenticity 
of said presenter and the validity of said profile data of said presenter. 

36. (original) A sysiem as recited in claim 33 funher comprising: 

a data authentication response message that is transmitted trom said trusted part^* to said 
acceptor, said data authentication response message including notification as to whether said 
profile data is accurate or contains errors. 
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37. (currently amended) A method involving a presenter, a trusted party, and an 

acceptor for providing profile data of said presenter during an on-line transaction, said method 
comprising: 

receiving, by said trusted party during an enrollment process, profile data and enrollment 
data from said presenter, said trusted parly being an issuer of an account to said presenter; 

verifying, by said Trusted party during said enrollment process using said enrollment data, 
tJie identity of said presenter and associating authentication data with said presenter; 

communicating s^iid authentication data between said trusted party and said presenter 
during said enrollment process, said authentication data being known only to said trusted nanv 
and to said presenter: 

querying said trusted pany by said acceptor for said trusted pmty lo provide said profile 
data to said acceptor; 

receiving, at said trusted party, submitted authentication data from said presenter during 
said on-line transaction; 

comparing, by said trusted party, said submitted auihemication data against said 
authentication data previously associated with said presenter; 

providing said profile data of said presenter, by said Uusted party, lo said acceptor; and 

notifying said acceptor by said trusted party of the authenticity of said presenter, whereby 
said trusted party authenticates said presenter for the benefit of said acceptor and provides said 
profile data. 

38. (Canceled) 

39. (original) A method as recited in claim 37 w^herein the presenter communicates with 
said trusted party and with said acceptor over the Iniemet. 

40. (original) A method as recited in claim 39 wherein said trusted party and said 
acceptor also communicate over the Internet. 

41 . (original) A method as recited in claim 37 wherein ihe notifying operation regarding 
the authenticity of said presenter provides a definitive answer as to whether the authenticity and 
said profile data of said presenter are authentic or not. 
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42. (Canceled) 

43. (Canceled) 

44. (original) A method as recited in claim with claim 37 further comprising: 
providing, by said trusted party, to said presenter a program identity number which is 

correlated with said profile data and witli said authentication data; 
storing said program identity number by said trusted party. 

45. (original) A method as recited in claim 44 wherein said program identity number is 
an account number for a financial account of said presenter wherein said trusted party is a 
financial institution that maintains said financial account. 

46. (original) A method as recited in claim 37 wherein said profile data includes at least 
the name and address of said presenter. 

47. (original) A method as recited in claim 37 further comprising: 

transmitting a data authentication request message from said acceptor to said trusted party 
in order to request that said trusted party provide said profile data of said presenter. 

48. (Canceled) 

49. (original) A method as recited in claim 37 further comprising: 
requesting said presenter, by said trusted party, for said authentication data; and 
asking said presenter, by said trusted party, for permission to provide said profile data of 

said presenter to said acceptor. 

50. (original) A method as recited in claim 47 wherein said providing is executed by 
transmitting a data authentication response message from said trusted party to said acceptor, said 
data authentication response message containing said profile data of said presenter. 

51. (Canceled) 
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52. (currently amended) An on-line daia authentication system comprising: 

a presenter who ^submits enrollment data and profile data to a trusted party during an 
enrollment process, and with whom is associated authentication daui during said enrollment 
process, wherein said authentication data is communicated between said presenter and said 
tn.isted pariv during said enrollment process^ said authentication data being known only to said 
trusted par ty and to said presenter, said trusted party being an issuer of an account lo said 
presenter; 

said trusted pany who receives said enrollment data and said profile data during said 
enrollment process, who verifies the identity of said presenter during said enrollment process 
using said enrollment data, who receives said auihentication data from said presenter during an 
online transaction, and who authenticates said authentication data and provides said profile data 
of said a presenter to an acceptor during said on-line transaction; 

said acceptor who conducts said on-line transaction with said presenter and who requests 
of said trusted party to authenticate said presenter and to provide said profile data of said 
presenter; and 

a directory server configured lo determine the existence of said trusted party who is able 
to authenticate said presenter and to provide said profile data of said presenter. 

53. (original) A system as recited in claim 52 wherein each of said acceptor and said 
trusted party are conligtured to communicate with said presenter via the Internet. 



54. (original) A system as recited in claim 52 wherein the trusted parry is configured to 
provide a definitive answer as to whether said presenter is authentic or not authentic. 




JdAathan O. Scott 
Registration No, 39,364 



BEYtR Weaver & Ti-ioiMas, LLP 
P.O. Box 778 
Berkeley, CA 94704-0778 
Telephone: (612)252-3330 
Facsimile: (612)825-6304 



10 



PAGE 1 1/13 * RCVD AT 4/912007 3:36:18 PM [Eastern Daylight Time] ' SVR:USPT0-EFXRF-2/1 1 ' DNIS:2738300 ' CSID:612 825 6304 * DURATION (nini-ss):03-42 



